Skip to main content

IU expert offers tips on protecting personal data

Center for Applied Cybersecurity Research director Von Welch helps navigate the world of cybersecurity

This article originally appeared in Inside IU: 

As details of large-scale data breaches continue to fill the news, it’s important to take steps to protect your personal information as well as that of your family.

February’s data breach at health insurance provider Anthem affected about 35,000 IU employees, former employees, retirees and/or their dependents, while a May security breach for university benefit plan vendor NoMoreClipboard affected about 28,000 employees, former employees and retirees.

As details of large-scale data breaches continue to fill the news, it’s important to take steps to protect your personal information as well as that of your family.

IU employees affected by the Anthem breach were able to sign up for two years’ worth of free identity protection services provided by the company, and NoMoreClipboard is offering a similar service.

Additional information about the Anthem cyberattack is available on the University Human Resources website, while more details about the NoMoreClipboard breach are available online as well.

As with any crime, it may be impossible to protect oneself completely from crime online, but one can take steps to minimize the risk. IU’s Center for Applied Cybersecurity Research works with organizations around the world to help them manage the risks of doing business online.

Center for Applied Cybersecurity Research director Von Welch offered tips to help navigate the complex and oftentimes confusing world of cybersecurity:

  • Credit cards remain relatively safe. Your liability is limited to $50 and that is often waived. A stolen card number may be an inconvenience, but you don’t need to worry about a big financial bill. Debit cards get similar protection, but it may take a while to recover any fraudulent charges.
  • Beware of phishing schemes. Particularly if you’ve been the victim of a breach, criminals know you are a customer of the breached organization and may use that information to trick you into revealing even more information. Take an extra minute to examine emails you receive claiming to be from the breached organization, especially if they ask you click on a link to log in or give information. If in doubt, do a web search or call the organization to check and see if the email is legitimate.
  • Manage password overload. We all have too many password to remember. Using an online password manager or even a written list you keep somewhere safe is better than using weak passwords or the same password over and over. Think about your most valuable sites such online banking, accounts that control direct deposit, retirement accounts, and so forth, and focus on creating strong, unique password for those sites so they are not at risk if your password for other sites is stolen.
  • Upgrade your authentication. Many sites are starting to offer “two factor authentication” -- a key fob or smart phone application to use in addition to a password. It’s a small hassle that is well worth it for securing your money or other important online accounts.
  • Consider a credit freeze. Recently Indiana Attorney General Greg Zoeller urged all Hoosier to freeze their credit. This prevents thieves from open accounts or taking out loans in your name. More information about freezing your credit can be found online.
  • Protect your mobile devices. Your phone and tablet probably have access to your email, which can give a thief what they need to get at your other accounts through password resets or social engineering. Having a screen lock on your mobile devices and encrypting them are two steps to protecting yourself in case you lose them. Apple and Google also both offer services that let you erase all the data on your devices if you lose them -- you’ll still be out the device, but at least your accounts will be safe.